Microsoft Partner logo indicates that CodeTwo holds significant technical expertise in development of innovative and reliable software solutions for Microsoft platforms. The logo also demonstrates our high capability in the area of the cloud productivity and ongoing commitment to implementation and development of Office 365 solutions.

Removing msExchMailboxGUID attribute from AD synchronization.

Problem:

If you are working with AD synchronization tools, like: Azure Active Directory Connect, Azure Active Directory Synchronization Services (AAD Sync), Azure Active Directory Synchronization Tool (DirSync), Forefront Identity Manager 2010 R2 (FIM) in your environment (e.g. hybrid Exchange one) there is high probability that you applied a default configuration for the synchronization process. If so, among many other synced AD attributes there is also: msExchMailboxGuid.

In such a case assigning Office 365 license to synced on-premises users will not result in creating mailboxes. You will be able to create Office 365 mailbox only with a free Microsoft migration tool which excludes a possibility of using third-party migration tools like CodeTwo Office 365 Migration. If you want to use a third party migration tool you need to rebuild on-premises users' synchronization service from scratch removing msExchMailboxGuid attribute from the AD synchronization list.

Solution:

If the synchronization process is already completed and all synced users have had msExchMailboxGuid attribute included in the sync process the only way to remove the attribute is to get rid of all the synced users from Office 365, and appropriately reconfigure the synchronization process.

where you provide the administrator's password and then continue with the below cmdlet:

Connect-MsolService – Credential $cred

Retrieve the list of removed users with another cmdlet:

Get-MsolUser-ReturnDeletedUsers

Remove all users from the list with a cmdlet:

Remove-MsolUser –RemoveFromRecycleBin

Please note that the removing operation is irreversible.

After completion of all the above steps there should be no synchronized accounts for your Office 365. To make sure please verify in the Office 365 Administration Panel if there are any synced accounts.

Next follow the steps listed below:

If you are running the synchronization task for the first time you should begin with this part of the article

Launch DirectorySyncTool application

In the first window provide the Office 365 global administrator credentials and click Next button

In the next window provide all required data of the local AD supposed to be the source for synchronization process for your Office 365 environment.

If you have already performed the synchronization task so far simply choose the existing connection to your local AD

Leave the User Matching tab field unchanged and click the Next button

On the next screen check all option and click Next (Fig. 1.)

Fig. 1. Azure AD synchronization - Optional Features.

Leave the next window (Azure AD Apps) unchanged and click Next

In the following step check the option: I want to further limit the attributes exported to Azure AD, search for msExchMailboxGuid attribute (Fig. 2.) on the list, uncheck it and click Next

Fig. 2. Azure AD synchronization - synced attributes' list.

You will now see a synchronization configuration summary window where you also click Next

In the last step check the option: Synchronize now and click Finish.

After the synchronization is finished all the synced accounts will not have msExchMailboxGuid attribute synced anymore.